Tag: anonymous

Sorry if the question is dumb. Let’s say I am tunneling my traffic via VPN. At one browser I am connected to a website which I want to hide my identity from. At another browser I am logged into social media.

If one (police for example) decides to track down the activity on first website, then they can ask social media giants if my IP address was ever logged in before and ask for the details if so.

I want to know if social media companies(Is it OK to mention names?) give any kind of guarantee that our IP adresses are safe. If so, can you point me to the related item in their terms?

I have a list of 50 FTP servers line by line in file1.txt. I tried to check if these FTP servers allow anonymous login using nmap, but it takes a very long time and it gives a lot of output. How can I quickly test all IPs in file1.txt if they have anonymous login enabled and put them in file2.txt?

I use an “anonymous” mail address (cock.li provider in my case). I have found that mainstream news sites in particular don’t send their newsletters to such an addresses. It looks like the domains blacklisted.

What is the reason? I can understand that they don’t want you writing comments from anonymous mail addresses, but passive reading of a newsletter is also prohibited?

Why this behavior? Why this behavior only with traditional mainstream news?

These newsletters usually have a lot of advertising and tracking, why they don’t wish to deliver them to “anonymous” addresses?

For graph privacy, strong link privacy relies on deep perturbation to the original graph, indicating a large random walk length. However, as the ﬁxed random walk length increases, the perturbed graph gradually approaches to a random graph, incurring a significant loss of utility.

They propose a machine-learning based approach to determining the appropriate random walk length as a trade-off between utility and security/privacy. However, is there (at all) an anonymous or privacy-preserving method of conducting a random walk itself?

My employer monitors every website I visit on company laptop, so i need to create an isolated OS and connect to a stealth VPN so the IT department won’t know which websites I visit and they even shouldn’t know I’m connected to VPN and use isolated OS.

My solution would be:

Qubes and Win 10 inside of it

A Stealth VPN Service like Nordvpn (which the network will not know im connected to vpn)

Maybe a usb for them to save & plug-play anytime

My mobile phone 4g internet or company’s wifi (?)

Note: No need for a complete anonymous systems like whonix, tails etc. I just need to browse web for my personal needs and save my personal docs. So Windows OS is required..

DAA (Direct Anonymous Attestation) is not the only scheme to achieve anonymous attestation. In general, these schemes allow an entity to stay anonymous throughout the attestation process. The concern here is not the attestation but key revocation. TPM/FIDO DAA scheme requires to keep a rogue list of compromised private keys to make revocation possible. But the assumption of compromised device will have its private key leaked publicly is naïve. In fact in many scenarios, a hacker may not reveal a compromised key. Such key can be used for attack such as denial of service attack etc… Since device identity is anonymous to service provider, there is no way for service provider to differentiate an attacker from genuine user.

What making it worse is having the private key stored/protected using hardware key store or HSM (Hardware Security Module). A hacker may have the knowledge to hack and extract the private key from a HSM using zero-day vulnerability. Since private key is designed not to output private key in plain. Therefore, even if a user acknowledge his device is compromised, but there is no way for him to inform the authority since it is not possible to extract the private key as a normal user.

Therefore, DAA sound like a wonderful technology but is not commercially viable?

From what I understand, hash functions are one-way functions. Let’s say that I want to publish an opinion article anonymously, but there is a possibility that I later want to prove that I was the one that wrote the article. Is it possible for me to simply put my identifying information, such as my name, birthday, and social security number, into a cryptographic hash function, and place that hash as my “pseudonym”? The question is the same question as Deniable proof of authorship, but I don’t understand the answer, and I’m not sure if the answer pertains to the use of a hash function.

If this works, are there any downsides? Are there common mistakes that people like me make? I don’t see a way to break this function other than to enter the identifying information of every single person in the world and see if it matches the pseudonym.

Also, what is a PGP? When I was searching my question on the internet, this term popped up quite often.

Please let me know if this is not the correct place to post this question.

I want to make a communication site in my SharePoint Server 2019 available for anonymous access. I made all the changes necessary for classic sites

Allow anonymous in “Authentication Providers”

Add read-only anonymous policy (I also tried “no policy”)

Allowed anonymous access inside site collection

I can access the site and the site opens. Halfway through the site rendering I get an authentication window. Ignoring it in a modern browser loads the site without some parts. Ignoring in IE11 gets me an HTTP500.

Inspecting the IIS Logs I found some calls to the SharePoint API that provide me with HTTP401s:

What is the formal name — and description — of the problem of giving users access to a resource exactly once each while not requiring them to identify themselves?

In other words, to have a system that is able to give away access tokens to users as long as they have never obtained any before.

Assuming that users are able to perform cryptographic functions, and can be assumed to have personal certificates signed by the system, but which they do not want to reveal to the system in order to gain access.